de8ba4ce0041243cda522bf639127a92bce949a58af0161b9f8183cf6b436312 | Triage

Sharing

General

Target

de8ba4ce0041243cda522bf639127a92bce949a58af0161b9f8183cf6b436312
Size

148KB
Sample

230608-nx65esfa53
MD5

3ac004a41768aa6d5ee531feb9f61f76
SHA1

316b65fc68fb316fb98f8c437435c2868e772420
SHA256

de8ba4ce0041243cda522bf639127a92bce949a58af0161b9f8183cf6b436312
SHA512

92cb1a6ab5543026b575c6739c4572c74b2b374a2b6d3de68919480eee7857bad41044ffc52884a2424bbc3481c2cb128266ebe124e7e341f6d34fb43e394524
SSDEEP

3072:zDNfk3As30+QTXASRWhPt4ZtukUe7TEXjW3CIyhuWVFrag1db0yx:zD5k3As3xCutQtf3WVFmkb0

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  de8ba4ce0041243cda522bf639127a92bce949a58af0161b9f8183cf6b436312
- Size
  
  148KB
- MD5
  
  3ac004a41768aa6d5ee531feb9f61f76
- SHA1
  
  316b65fc68fb316fb98f8c437435c2868e772420
- SHA256
  
  de8ba4ce0041243cda522bf639127a92bce949a58af0161b9f8183cf6b436312
- SHA512
  
  92cb1a6ab5543026b575c6739c4572c74b2b374a2b6d3de68919480eee7857bad41044ffc52884a2424bbc3481c2cb128266ebe124e7e341f6d34fb43e394524
- SSDEEP
  
  3072:zDNfk3As30+QTXASRWhPt4ZtukUe7TEXjW3CIyhuWVFrag1db0yx:zD5k3As3xCutQtf3WVFmkb0
Score

10^/10

evasion trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1